Security enhancement with foreground trust, comfort, and ten commandments for real people

Part of book or chapter of book English OPEN
Marsh, Stephen ; Basu, Anirban ; Dwyer, Natasha (2013)
  • Publisher: Potsdam University Press

Security as an enabling paradigm has not succeeded half as well as we might have hoped. Systems are broken or breakable, and users (people) have something of a lack of faith, understanding, or patience with security measures that exist. Whilst secure systems and solutions are the backbone of a working interconnected system of systems, they are not people-oriented, and they are oftentimes arcane enough to have an air of ‘security theatre’ about them. We can also assume that they will continue to grow in both complexity and application if we continue as we are in our arms race.\ud To answer what we perceive to be a problem here, we are working on the integration of socio-psychological notions of trust into computational systems where it makes sense (both human- and system-facing). This work includes the development of our Device Comfort paradigm and architecture, wherein mobile devices and nodes in infrastructures have a embedded notion of comfort that they can use to reason about their use, behaviour, and users. This notion, contextually integrated with the environment the device is in, aids in decision making with regard to, for instance, information flow, security posture, and user-oriented advice. Most importantly, the notion embeds trust reasoning and communication into the device, with which the user can be aided to un- derstand situation, risk, and actions by device, infrastructure, and themselves - which we call Foreground Trust, after Dwyer. We conjecture that comfort and foreground trust both enhance security for devices and increase the under- standing of security for the user, through use of human-comprehensible and anthropomorphic concepts. In this paper, we discuss some security problems, address the misnomer of trusted computing, and present an overview of com- fort and foreground trust. Finally, we briely present our ten commandments for trust-reasoning models such as those contained within Device Comfort, in the hope that they are of some use in security also.
  • References (14)
    14 references, page 1 of 2

    [1] A. Basu. A Reputation Framework for Behavioural History. PhD thesis, University of Sussex, UK, January 2010.

    [2] S. Bok. Lying: Moral Choice in Public and Private Life. Pantheon Books, New York, 1978.

    [3] M. Dibben. Exploring Interpersonal Trust in the Entrepreneurial Venture. London: MacMillan, 2000.

    [4] N. Dwyer. Traces of Digital Trust: An Interactive Design Perspective. PhD thesis, School of Communication and three Arts, Faculty of Arts, Education and Human Development, Victoria University, 2011.

    [5] N. Hikage, Y. Murayama, and C. Hauser. Exploratory survey on an evaluation model for a sense of security. In H. Venter, M. Eloff, L. Labuschagne, J. Eloff, and R. von Solms, editors, IFIP Volume 232, New Approaches for Security, Privacy and Trust in Complex Environments, volume 232, pages 121-132, Springer, 2007.

    [6] N. Luhmann. Trust and Power. Wiley, Chichester, 1979.

    [7] S. Marsh. Formalising Trust as a Computational Concept. PhD thesis, University of Stirling, 1994. Available via www.stephenmarsh.ca.

    [8] S. Marsh. Comfort zones: Location dependent trust and regret management for mobile devices. In In Proceedings TruLoco 2010: at IFIPTM 2010, Morioka Japan., 2010.

    [9] S. Marsh, A. Basu, and N. Dwyer. Rendering unto Caesar the things that are Caesar's: Complex trust models and human understanding. In T. Dimitrakos, R. Moona, D. Patel, and D. H. McKnight, editors, Proceedings Trust Management VI: IFIPTM Conference on Trust Management, pages 191-200. Springer (IFIP AICT), 2012.

    [10] S. Marsh and P. Briggs. Defining and investigating device comfort. In Proceedings of IFIPTM 2010: Short Papers, 2010.

  • Metrics
    No metrics available
Share - Bookmark